1/*
2 * The contents of this file are subject to the Mozilla Public
3 * License Version 1.1 (the "License"); you may not use this file
4 * except in compliance with the License. You may obtain a copy of
5 * the License at http://www.mozilla.org/MPL/
6 *
7 * Software distributed under the License is distributed on an "AS
8 * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
9 * implied. See the License for the specific language governing
10 * rights and limitations under the License.
11 *
12 * The Original Code is the Netscape security libraries.
13 *
14 * The Initial Developer of the Original Code is Netscape
15 * Communications Corporation. Portions created by Netscape are
16 * Copyright (C) 1994-2000 Netscape Communications Corporation. All
17 * Rights Reserved.
18 *
19 * Contributor(s):
20 *
21 * Alternatively, the contents of this file may be used under the
22 * terms of the GNU General Public License Version 2 or later (the
23 * "GPL"), in which case the provisions of the GPL are applicable
24 * instead of those above. If you wish to allow use of your
25 * version of this file only under the terms of the GPL and not to
26 * allow others to use your version of this file under the MPL,
27 * indicate your decision by deleting the provisions above and
28 * replace them with the notice and other provisions required by
29 * the GPL. If you do not delete the provisions above, a recipient
30 * may use your version of this file under either the MPL or the
31 * GPL.
32 */
33
34/*
35 * CMS ASN.1 templates
36 */
37
38#include <Security/SecCmsContentInfo.h>
39
40#include "cmslocal.h"
41
42#include "secoid.h"
43#include <security_asn1/secasn1.h>
44#include <security_asn1/secerr.h>
45
46
47extern const SecAsn1Template nss_cms_set_of_attribute_template[];
48
49//SEC_ASN1_MKSUB(CERT_IssuerAndSNTemplate)
50//SEC_ASN1_MKSUB(CERT_SetOfSignedCrlTemplate)
51SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
52SEC_ASN1_MKSUB(kSecAsn1BitStringTemplate)
53SEC_ASN1_MKSUB(kSecAsn1OctetStringTemplate)
54SEC_ASN1_MKSUB(kSecAsn1PointerToOctetStringTemplate)
55SEC_ASN1_MKSUB(kSecAsn1SetOfAnyTemplate)
56
57/* -----------------------------------------------------------------------------
58 * MESSAGE
59 * (uses SecCmsContentInfo)
60 */
61
62/* forward declaration */
/* Defined at the end of this file; needed here so its address can be taken. */
static const SecAsn1Template *
nss_cms_choose_content_template(void *src_or_dest, Boolean encoding,
                                const char *buf, size_t len, void *dest);

/*
 * Chooser hook referenced by the SEC_ASN1_DYNAMIC content entry of
 * SecCmsMessageTemplate.
 */
static const SecAsn1TemplateChooserPtr nss_cms_chooser =
    nss_cms_choose_content_template;
68
/*
 * Top-level CMS message, mapped onto a SecCmsMessage.
 *
 * The content entry is SEC_ASN1_DYNAMIC: its sub-template is not fixed but
 * obtained through nss_cms_chooser, so the shape of the content follows the
 * content type recorded in the message's contentInfo.
 */
const SecAsn1Template SecCmsMessageTemplate[] = {
    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
      0, NULL, sizeof(SecCmsMessage) },
    /* contentType */
    { SEC_ASN1_OBJECT_ID,
      offsetof(SecCmsMessage, contentInfo.contentType) },
    /* content [0] EXPLICIT, optional; template picked at run time */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM
          | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
      offsetof(SecCmsMessage, contentInfo.content),
      &nss_cms_chooser },
    { 0 }
};
80
81#if 0
82static const SecAsn1Template NSS_PointerToCMSMessageTemplate[] = {
83 { SEC_ASN1_POINTER, 0, SecCmsMessageTemplate }
84};
85#endif
86
87/* -----------------------------------------------------------------------------
88 * ENCAPSULATED & ENCRYPTED CONTENTINFO
89 * (both use a SecCmsContentInfo)
90 */
/*
 * Encapsulated content info, mapped onto a SecCmsContentInfo.
 * The content is stored as a raw OCTET STRING (rawContent); this template
 * does not decode it any further.
 */
static const SecAsn1Template SecCmsEncapsulatedContentInfoTemplate[] = {
    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
      0, NULL, sizeof(SecCmsContentInfo) },
    /* contentType */
    { SEC_ASN1_OBJECT_ID,
      offsetof(SecCmsContentInfo, contentType) },
    /* content [0] EXPLICIT; OPTIONAL, so consumers must cope with it being absent */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | SEC_ASN1_MAY_STREAM |
          SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
      offsetof(SecCmsContentInfo, rawContent),
      SEC_ASN1_SUB(kSecAsn1PointerToOctetStringTemplate) },
    { 0 }
};
102
/*
 * Encrypted content info, mapped onto a SecCmsContentInfo: content type,
 * content-encryption algorithm and the (optional) ciphertext.
 */
static const SecAsn1Template SecCmsEncryptedContentInfoTemplate[] = {
    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
      0, NULL, sizeof(SecCmsContentInfo) },
    /* contentType */
    { SEC_ASN1_OBJECT_ID,
      offsetof(SecCmsContentInfo, contentType) },
    /* content-encryption algorithm identifier */
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
      offsetof(SecCmsContentInfo, contentEncAlg),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    /* encrypted content [0], no EXPLICIT flag; OPTIONAL, so it may be absent */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER | SEC_ASN1_MAY_STREAM |
          SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
      offsetof(SecCmsContentInfo, rawContent),
      SEC_ASN1_SUB(kSecAsn1OctetStringTemplate) },
    { 0 }
};
117
118/* -----------------------------------------------------------------------------
119 * SIGNED DATA
120 */
121
/* Defined further down; declared here so the SignedData template can name it. */
const SecAsn1Template SecCmsSignerInfoTemplate[];

/*
 * SignedData, mapped onto a SecCmsSignedData.
 *
 * Certificates and CRLs are captured as SET OF ANY (rawCerts / rawCrls):
 * the template stores them as undecoded blobs, so any parsing or trust
 * evaluation of them has to happen in code outside this table.
 */
const SecAsn1Template SecCmsSignedDataTemplate[] = {
    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
      0, NULL, sizeof(SecCmsSignedData) },
    /* version */
    { SEC_ASN1_INTEGER | SEC_ASN1_SIGNED_INT,
      offsetof(SecCmsSignedData, version) },
    /* digestAlgorithms */
    { SEC_ASN1_SET_OF | SEC_ASN1_XTRN,
      offsetof(SecCmsSignedData, digestAlgorithms),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    /* encapsulated content info */
    { SEC_ASN1_INLINE,
      offsetof(SecCmsSignedData, contentInfo),
      SecCmsEncapsulatedContentInfoTemplate },
    /* certificates [0], optional */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
          SEC_ASN1_XTRN | 0,
      offsetof(SecCmsSignedData, rawCerts),
      SEC_ASN1_SUB(kSecAsn1SetOfAnyTemplate) },
    /* crls [1], optional */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
          SEC_ASN1_XTRN | 1,
      offsetof(SecCmsSignedData, rawCrls),
      SEC_ASN1_SUB(kSecAsn1SetOfAnyTemplate) },
    /* signerInfos */
    { SEC_ASN1_SET_OF,
      offsetof(SecCmsSignedData, signerInfos),
      SecCmsSignerInfoTemplate },
    { 0 }
};

/* Pointer wrapper returned by the content chooser for signed-data content. */
const SecAsn1Template NSS_PointerToCMSSignedDataTemplate[] = {
    { SEC_ASN1_POINTER, 0, SecCmsSignedDataTemplate }
};
153
154/* -----------------------------------------------------------------------------
155 * signeridentifier
156 */
157
/*
 * SignerIdentifier CHOICE, mapped onto a SecCmsSignerIdentifier.
 * The fourth member of each alternative is the selector value associated
 * with identifierType.
 *
 * NOTE(review): the selectors used here are the SecCmsRecipientID* constants,
 * not signer-specific ones; presumably the signer-side enumerators carry the
 * same values. Confirm against the code that compares identifierType.
 */
static const SecAsn1Template SecCmsSignerIdentifierTemplate[] = {
    { SEC_ASN1_CHOICE,
      offsetof(SecCmsSignerIdentifier, identifierType), NULL,
      sizeof(SecCmsSignerIdentifier) },
    /* subjectKeyIdentifier [0] */
    { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
      offsetof(SecCmsSignerIdentifier, id.subjectKeyID),
      SEC_ASN1_SUB(kSecAsn1OctetStringTemplate),
      SecCmsRecipientIDSubjectKeyID },
    /* issuerAndSerialNumber */
    { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
      offsetof(SecCmsSignerIdentifier, id.issuerAndSN),
      SEC_ASN1_SUB(SecCmsIssuerAndSNTemplate),
      SecCmsRecipientIDIssuerSN },
    { 0 }
};
172
173/* -----------------------------------------------------------------------------
174 * signerinfo
175 */
176
/*
 * SignerInfo, mapped onto a SecCmsSignerInfo.
 *
 * authAttr ([0]) and unAuthAttr ([1]) share the same attribute-set template.
 * As the field name says, unAuthAttr is not authenticated: anything read
 * from it should be handled as untrusted input even after the signature
 * has been checked.
 */
const SecAsn1Template SecCmsSignerInfoTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0, NULL, sizeof(SecCmsSignerInfo) },
    /* version */
    { SEC_ASN1_INTEGER | SEC_ASN1_SIGNED_INT,
      offsetof(SecCmsSignerInfo, version) },
    /* signer identifier (CHOICE) */
    { SEC_ASN1_INLINE,
      offsetof(SecCmsSignerInfo, signerIdentifier),
      SecCmsSignerIdentifierTemplate },
    /* digest algorithm */
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
      offsetof(SecCmsSignerInfo, digestAlg),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    /* authenticated attributes [0], optional */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
      offsetof(SecCmsSignerInfo, authAttr),
      nss_cms_set_of_attribute_template },
    /* digest-encryption (signature) algorithm */
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
      offsetof(SecCmsSignerInfo, digestEncAlg),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    /* encrypted digest (signature value) */
    { SEC_ASN1_OCTET_STRING,
      offsetof(SecCmsSignerInfo, encDigest) },
    /* unauthenticated attributes [1], optional */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
      offsetof(SecCmsSignerInfo, unAuthAttr),
      nss_cms_set_of_attribute_template },
    { 0 }
};
201
202/* -----------------------------------------------------------------------------
203 * ENVELOPED DATA
204 */
205
/*
 * OriginatorInfo, mapped onto a SecCmsOriginatorInfo.
 * Both members are optional and stored as SET OF ANY, i.e. as undecoded
 * certificate / CRL blobs.
 */
static const SecAsn1Template SecCmsOriginatorInfoTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0, NULL, sizeof(SecCmsOriginatorInfo) },
    /* certs [0], optional */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
          SEC_ASN1_XTRN | 0,
      offsetof(SecCmsOriginatorInfo, rawCerts),
      SEC_ASN1_SUB(kSecAsn1SetOfAnyTemplate) },
    /* crls [1], optional */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
          SEC_ASN1_XTRN | 1,
      offsetof(SecCmsOriginatorInfo, rawCrls),
      SEC_ASN1_SUB(kSecAsn1SetOfAnyTemplate) },
    { 0 }
};
219
/* Defined further down; declared here so the EnvelopedData template can name it. */
const SecAsn1Template SecCmsRecipientInfoTemplate[];

/*
 * EnvelopedData, mapped onto a SecCmsEnvelopedData.
 * unprotectedAttr is, per its name, outside the protected content; treat
 * values read from it as untrusted.
 */
const SecAsn1Template SecCmsEnvelopedDataTemplate[] = {
    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
      0, NULL, sizeof(SecCmsEnvelopedData) },
    /* version */
    { SEC_ASN1_INTEGER | SEC_ASN1_SIGNED_INT,
      offsetof(SecCmsEnvelopedData, version) },
    /* originatorInfo [0], optional */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
      offsetof(SecCmsEnvelopedData, originatorInfo),
      SecCmsOriginatorInfoTemplate },
    /* recipientInfos */
    { SEC_ASN1_SET_OF,
      offsetof(SecCmsEnvelopedData, recipientInfos),
      SecCmsRecipientInfoTemplate },
    /* encrypted content info */
    { SEC_ASN1_INLINE,
      offsetof(SecCmsEnvelopedData, contentInfo),
      SecCmsEncryptedContentInfoTemplate },
    /* unprotected attributes [1], optional */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
      offsetof(SecCmsEnvelopedData, unprotectedAttr),
      nss_cms_set_of_attribute_template },
    { 0 }
};

/* Pointer wrapper returned by the content chooser for enveloped-data content. */
const SecAsn1Template NSS_PointerToCMSEnvelopedDataTemplate[] = {
    { SEC_ASN1_POINTER, 0, SecCmsEnvelopedDataTemplate }
};
245
246/* here come the 15 gazillion templates for all the v3 varieties of RecipientInfo */
247
248/* -----------------------------------------------------------------------------
249 * key transport recipient info
250 */
251
/*
 * RecipientIdentifier CHOICE for key-transport recipients, mapped onto a
 * SecCmsRecipientIdentifier. The fourth member of each alternative is the
 * selector value associated with identifierType.
 */
static const SecAsn1Template SecCmsRecipientIdentifierTemplate[] = {
    { SEC_ASN1_CHOICE,
      offsetof(SecCmsRecipientIdentifier, identifierType), NULL,
      sizeof(SecCmsRecipientIdentifier) },
    /* subjectKeyIdentifier [0] */
    { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
      offsetof(SecCmsRecipientIdentifier, id.subjectKeyID),
      SEC_ASN1_SUB(kSecAsn1OctetStringTemplate),
      SecCmsRecipientIDSubjectKeyID },
    /* issuerAndSerialNumber */
    { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
      offsetof(SecCmsRecipientIdentifier, id.issuerAndSN),
      SEC_ASN1_SUB(SecCmsIssuerAndSNTemplate),
      SecCmsRecipientIDIssuerSN },
    { 0 }
};
266
267
/*
 * KeyTransRecipientInfo, mapped onto a SecCmsKeyTransRecipientInfo:
 * version, recipient identifier, key-encryption algorithm, encrypted key.
 */
static const SecAsn1Template SecCmsKeyTransRecipientInfoTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0, NULL, sizeof(SecCmsKeyTransRecipientInfo) },
    /* version */
    { SEC_ASN1_INTEGER | SEC_ASN1_SIGNED_INT,
      offsetof(SecCmsKeyTransRecipientInfo, version) },
    /* recipient identifier (CHOICE) */
    { SEC_ASN1_INLINE,
      offsetof(SecCmsKeyTransRecipientInfo, recipientIdentifier),
      SecCmsRecipientIdentifierTemplate },
    /* key-encryption algorithm */
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
      offsetof(SecCmsKeyTransRecipientInfo, keyEncAlg),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    /* encrypted key */
    { SEC_ASN1_OCTET_STRING,
      offsetof(SecCmsKeyTransRecipientInfo, encKey) },
    { 0 }
};
283
284/* -----------------------------------------------------------------------------
285 * key agreement recipient info
286 */
287
/*
 * OriginatorPublicKey, mapped onto a SecCmsOriginatorPublicKey:
 * an algorithm identifier followed by the public key as a BIT STRING.
 */
static const SecAsn1Template SecCmsOriginatorPublicKeyTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0, NULL, sizeof(SecCmsOriginatorPublicKey) },
    /* algorithm */
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
      offsetof(SecCmsOriginatorPublicKey, algorithmIdentifier),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    /* publicKey */
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
      offsetof(SecCmsOriginatorPublicKey, publicKey),
      SEC_ASN1_SUB(kSecAsn1BitStringTemplate) },
    { 0 }
};
299
300
/*
 * OriginatorIdentifierOrKey CHOICE, mapped onto a
 * SecCmsOriginatorIdentifierOrKey. The fourth member of each alternative is
 * the selector value associated with identifierType.
 *
 * NOTE(review): the subjectKeyID alternative sets SEC_ASN1_XTRN but names
 * kSecAsn1OctetStringTemplate directly, whereas every other XTRN entry in
 * this file goes through SEC_ASN1_SUB(). Presumably equivalent in this
 * build; confirm against the macro definitions.
 */
static const SecAsn1Template SecCmsOriginatorIdentifierOrKeyTemplate[] = {
    { SEC_ASN1_CHOICE,
      offsetof(SecCmsOriginatorIdentifierOrKey, identifierType), NULL,
      sizeof(SecCmsOriginatorIdentifierOrKey) },
    /* issuerAndSerialNumber */
    { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
      offsetof(SecCmsOriginatorIdentifierOrKey, id.issuerAndSN),
      SEC_ASN1_SUB(SecCmsIssuerAndSNTemplate),
      SecCmsOriginatorIDOrKeyIssuerSN },
    /* subjectKeyIdentifier [0] */
    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
          /* this was tag 1 here, 2 for the next; RFC 3852 says they are 0 and 1 */
          SEC_ASN1_XTRN | 0,
      offsetof(SecCmsOriginatorIdentifierOrKey, id.subjectKeyID),
      kSecAsn1OctetStringTemplate,
      SecCmsOriginatorIDOrKeySubjectKeyID },
    /* originatorKey [1] */
    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
      offsetof(SecCmsOriginatorIdentifierOrKey, id.originatorPublicKey),
      SecCmsOriginatorPublicKeyTemplate,
      SecCmsOriginatorIDOrKeyOriginatorPublicKey },
    { 0 }
};
321
/*
 * RecipientKeyIdentifier, mapped onto a SecCmsRecipientKeyIdentifier.
 * Unlike most templates in this file it is not static.
 *
 * NOTE(review): kSecAsn1GeneralizedTimeTemplate is used through
 * SEC_ASN1_SUB() but has no SEC_ASN1_MKSUB() line next to the others at the
 * top of the file; presumably a header declares it. Confirm.
 * The `other` member is OPTIONAL ANY, i.e. kept as an undecoded blob.
 */
const SecAsn1Template SecCmsRecipientKeyIdentifierTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0, NULL, sizeof(SecCmsRecipientKeyIdentifier) },
    /* subjectKeyIdentifier */
    { SEC_ASN1_INLINE | SEC_ASN1_OCTET_STRING,
      offsetof(SecCmsRecipientKeyIdentifier, subjectKeyIdentifier),
      SEC_ASN1_SUB(kSecAsn1OctetStringTemplate) },
    /* date, optional */
    { SEC_ASN1_INLINE | SEC_ASN1_OPTIONAL | SEC_ASN1_GENERALIZED_TIME,
      offsetof(SecCmsRecipientKeyIdentifier, date),
      SEC_ASN1_SUB(kSecAsn1GeneralizedTimeTemplate) },
    /* other, optional */
    { SEC_ASN1_INLINE | SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
      offsetof(SecCmsRecipientKeyIdentifier, other) },
    { 0 }
};
335
336
/*
 * KeyAgreeRecipientIdentifier CHOICE, mapped onto a
 * SecCmsKeyAgreeRecipientIdentifier. The fourth member of each alternative
 * is the selector value associated with identifierType.
 */
static const SecAsn1Template SecCmsKeyAgreeRecipientIdentifierTemplate[] = {
    { SEC_ASN1_CHOICE,
      offsetof(SecCmsKeyAgreeRecipientIdentifier, identifierType), NULL,
      sizeof(SecCmsKeyAgreeRecipientIdentifier) },
    /* issuerAndSerialNumber */
    { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
      offsetof(SecCmsKeyAgreeRecipientIdentifier, id.issuerAndSN),
      SEC_ASN1_SUB(SecCmsIssuerAndSNTemplate),
      SecCmsKeyAgreeRecipientIDIssuerSN },
    /* recipient key identifier [0] */
    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
      offsetof(SecCmsKeyAgreeRecipientIdentifier, id.recipientKeyIdentifier),
      SecCmsRecipientKeyIdentifierTemplate,
      SecCmsKeyAgreeRecipientIDRKeyID },
    { 0 }
};
351
/*
 * RecipientEncryptedKey, mapped onto a SecCmsRecipientEncryptedKey:
 * a key-agreement recipient identifier plus that recipient's encrypted key.
 */
static const SecAsn1Template SecCmsRecipientEncryptedKeyTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0, NULL, sizeof(SecCmsRecipientEncryptedKey) },
    /* recipient identifier (CHOICE) */
    { SEC_ASN1_INLINE,
      offsetof(SecCmsRecipientEncryptedKey, recipientIdentifier),
      SecCmsKeyAgreeRecipientIdentifierTemplate },
    /* encrypted key */
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
      offsetof(SecCmsRecipientEncryptedKey, encKey),
      SEC_ASN1_SUB(kSecAsn1OctetStringTemplate) },
    { 0 }
};
363
/*
 * KeyAgreeRecipientInfo, mapped onto a SecCmsKeyAgreeRecipientInfo.
 * ukm is OPTIONAL, so consumers must cope with it being absent.
 */
static const SecAsn1Template SecCmsKeyAgreeRecipientInfoTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0, NULL, sizeof(SecCmsKeyAgreeRecipientInfo) },
    /* version */
    { SEC_ASN1_INTEGER | SEC_ASN1_SIGNED_INT,
      offsetof(SecCmsKeyAgreeRecipientInfo, version) },
    /* originator [0] EXPLICIT */
    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
      offsetof(SecCmsKeyAgreeRecipientInfo, originatorIdentifierOrKey),
      SecCmsOriginatorIdentifierOrKeyTemplate },
    /* ukm [1] EXPLICIT, optional */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
          SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
      offsetof(SecCmsKeyAgreeRecipientInfo, ukm),
      SEC_ASN1_SUB(kSecAsn1OctetStringTemplate) },
    /* key-encryption algorithm */
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
      offsetof(SecCmsKeyAgreeRecipientInfo, keyEncAlg),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    /* recipientEncryptedKeys */
    { SEC_ASN1_SEQUENCE_OF,
      offsetof(SecCmsKeyAgreeRecipientInfo, recipientEncryptedKeys),
      SecCmsRecipientEncryptedKeyTemplate },
    { 0 }
};
384
385/* -----------------------------------------------------------------------------
386 * KEK recipient info
387 */
388
/*
 * KEKIdentifier, mapped onto a SecCmsKEKIdentifier.
 *
 * NOTE(review): RFC 5652 types `date` as GeneralizedTime and `other` as
 * OtherKeyAttribute, while both are declared OCTET STRING here, and the two
 * adjacent OPTIONAL entries share the same tag. Confirm that this is the
 * intended decoding for KEK identifiers that carry either field.
 */
static const SecAsn1Template SecCmsKEKIdentifierTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0, NULL, sizeof(SecCmsKEKIdentifier) },
    /* keyIdentifier */
    { SEC_ASN1_OCTET_STRING,
      offsetof(SecCmsKEKIdentifier, keyIdentifier) },
    /* date, optional */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
      offsetof(SecCmsKEKIdentifier, date) },
    /* other, optional */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
      offsetof(SecCmsKEKIdentifier, other) },
    { 0 }
};
400
/*
 * KEKRecipientInfo, mapped onto a SecCmsKEKRecipientInfo:
 * version, KEK identifier, key-encryption algorithm, encrypted key.
 */
static const SecAsn1Template SecCmsKEKRecipientInfoTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0, NULL, sizeof(SecCmsKEKRecipientInfo) },
    /* version */
    { SEC_ASN1_INTEGER | SEC_ASN1_SIGNED_INT,
      offsetof(SecCmsKEKRecipientInfo, version) },
    /* KEK identifier */
    { SEC_ASN1_INLINE,
      offsetof(SecCmsKEKRecipientInfo, kekIdentifier),
      SecCmsKEKIdentifierTemplate },
    /* key-encryption algorithm */
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
      offsetof(SecCmsKEKRecipientInfo, keyEncAlg),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    /* encrypted key */
    { SEC_ASN1_OCTET_STRING,
      offsetof(SecCmsKEKRecipientInfo, encKey) },
    { 0 }
};
416
417/* -----------------------------------------------------------------------------
418 * recipient info
419 */
/*
 * RecipientInfo CHOICE, mapped onto a SecCmsRecipientInfo.
 * The fourth member of each alternative is the selector value associated
 * with recipientInfoType. Key-agreement ([1]) and KEK ([2]) recipients are
 * context-tagged; the key-transport alternative is the untagged inline one.
 */
const SecAsn1Template SecCmsRecipientInfoTemplate[] = {
    { SEC_ASN1_CHOICE,
      offsetof(SecCmsRecipientInfo, recipientInfoType), NULL,
      sizeof(SecCmsRecipientInfo) },
    /* key agreement [1] */
    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
      offsetof(SecCmsRecipientInfo, ri.keyAgreeRecipientInfo),
      SecCmsKeyAgreeRecipientInfoTemplate,
      SecCmsRecipientInfoIDKeyAgree },
    /* KEK [2] */
    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
      offsetof(SecCmsRecipientInfo, ri.kekRecipientInfo),
      SecCmsKEKRecipientInfoTemplate,
      SecCmsRecipientInfoIDKEK },
    /* key transport (untagged) */
    { SEC_ASN1_INLINE,
      offsetof(SecCmsRecipientInfo, ri.keyTransRecipientInfo),
      SecCmsKeyTransRecipientInfoTemplate,
      SecCmsRecipientInfoIDKeyTrans },
    { 0 }
};
438
439/* -----------------------------------------------------------------------------
440 *
441 */
442
/*
 * DigestedData, mapped onto a SecCmsDigestedData:
 * version, digest algorithm, encapsulated content and the digest value.
 */
const SecAsn1Template SecCmsDigestedDataTemplate[] = {
    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
      0, NULL, sizeof(SecCmsDigestedData) },
    /* version */
    { SEC_ASN1_INTEGER | SEC_ASN1_SIGNED_INT,
      offsetof(SecCmsDigestedData, version) },
    /* digest algorithm */
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
      offsetof(SecCmsDigestedData, digestAlg),
      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
    /* encapsulated content info */
    { SEC_ASN1_INLINE,
      offsetof(SecCmsDigestedData, contentInfo),
      SecCmsEncapsulatedContentInfoTemplate },
    /* digest */
    { SEC_ASN1_OCTET_STRING,
      offsetof(SecCmsDigestedData, digest) },
    { 0 }
};

/* Pointer wrapper returned by the content chooser for digested-data content. */
const SecAsn1Template NSS_PointerToCMSDigestedDataTemplate[] = {
    { SEC_ASN1_POINTER, 0, SecCmsDigestedDataTemplate }
};
462
/*
 * EncryptedData, mapped onto a SecCmsEncryptedData.
 * unprotectedAttr is, per its name, outside the protected content; treat
 * values read from it as untrusted.
 */
const SecAsn1Template SecCmsEncryptedDataTemplate[] = {
    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
      0, NULL, sizeof(SecCmsEncryptedData) },
    /* version */
    { SEC_ASN1_INTEGER | SEC_ASN1_SIGNED_INT,
      offsetof(SecCmsEncryptedData, version) },
    /* encrypted content info */
    { SEC_ASN1_INLINE,
      offsetof(SecCmsEncryptedData, contentInfo),
      SecCmsEncryptedContentInfoTemplate },
    /* unprotected attributes [1], optional */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
      offsetof(SecCmsEncryptedData, unprotectedAttr),
      nss_cms_set_of_attribute_template },
    { 0 }
};

/* Pointer wrapper returned by the content chooser for encrypted-data content. */
const SecAsn1Template NSS_PointerToCMSEncryptedDataTemplate[] = {
    { SEC_ASN1_POINTER, 0, SecCmsEncryptedDataTemplate }
};
480
481/* -----------------------------------------------------------------------------
482 * IssuerAndSerialNumber (heading formerly read SetOfSignedCrlTemplate)
483 */
/*
 * IssuerAndSerialNumber, mapped onto a SecCmsIssuerAndSN.
 *
 * With the `#if 1` branch active the issuer is stored as SEC_ASN1_ANY in
 * derIssuer, i.e. as undecoded bytes; the template does not parse it as a
 * Name. The disabled branch shows the intended switch to NSS_NameTemplate.
 */
const SecAsn1Template SecCmsIssuerAndSNTemplate[] = {
    { SEC_ASN1_SEQUENCE,
      0, NULL, sizeof(SecCmsIssuerAndSN) },
#if 1 // @@@ Switch to using NSS_NameTemplate
    /* issuer, kept undecoded */
    { SEC_ASN1_ANY,
      offsetof(SecCmsIssuerAndSN, derIssuer) },
#else
    { SEC_ASN1_INLINE,
      offsetof(SecCmsIssuerAndSN, issuer),
      NSS_NameTemplate },
#endif
    /* serialNumber */
    { SEC_ASN1_INTEGER | SEC_ASN1_SIGNED_INT,
      offsetof(SecCmsIssuerAndSN, serialNumber) },
    { 0 }
};
499
500
501/* -----------------------------------------------------------------------------
502 * FORTEZZA KEA
503 */
/*
 * KEA parameters, Skipjack variant: originator KEA key and originator RA
 * only. Returned by nss_cms_get_kea_template() for SecCmsKEAUsesSkipjack.
 */
const SecAsn1Template NSS_SMIMEKEAParamTemplateSkipjack[] = {
    { SEC_ASN1_SEQUENCE,
      0, NULL, sizeof(SecCmsSMIMEKEAParameters) },
    /* originatorKEAKey */
    { SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
      offsetof(SecCmsSMIMEKEAParameters, originatorKEAKey) },
    /* originatorRA */
    { SEC_ASN1_OCTET_STRING,
      offsetof(SecCmsSMIMEKEAParameters, originatorRA) },
    { 0 }
};
513
/*
 * KEA parameters, non-Skipjack variant: adds an optional IV to the Skipjack
 * layout. Returned by nss_cms_get_kea_template() for
 * SecCmsKEAUsesNonSkipjack.
 */
const SecAsn1Template NSS_SMIMEKEAParamTemplateNoSkipjack[] = {
    { SEC_ASN1_SEQUENCE,
      0, NULL, sizeof(SecCmsSMIMEKEAParameters) },
    /* originatorKEAKey */
    { SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
      offsetof(SecCmsSMIMEKEAParameters, originatorKEAKey) },
    /* originatorRA */
    { SEC_ASN1_OCTET_STRING,
      offsetof(SecCmsSMIMEKEAParameters, originatorRA) },
    /* nonSkipjackIV, optional */
    { SEC_ASN1_OCTET_STRING | SEC_ASN1_OPTIONAL,
      offsetof(SecCmsSMIMEKEAParameters, nonSkipjackIV) },
    { 0 }
};
525
/*
 * KEA parameters with every field: the non-Skipjack layout plus an optional
 * bulk key size. nss_cms_get_kea_template() returns this for
 * SecCmsKEAUsesNonSkipjackWithPaddedEncKey and for any other selector value.
 */
const SecAsn1Template NSS_SMIMEKEAParamTemplateAllParams[] = {
    { SEC_ASN1_SEQUENCE,
      0, NULL, sizeof(SecCmsSMIMEKEAParameters) },
    /* originatorKEAKey */
    { SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
      offsetof(SecCmsSMIMEKEAParameters, originatorKEAKey) },
    /* originatorRA */
    { SEC_ASN1_OCTET_STRING,
      offsetof(SecCmsSMIMEKEAParameters, originatorRA) },
    /* nonSkipjackIV, optional */
    { SEC_ASN1_OCTET_STRING | SEC_ASN1_OPTIONAL,
      offsetof(SecCmsSMIMEKEAParameters, nonSkipjackIV) },
    /* bulkKeySize, optional */
    { SEC_ASN1_OCTET_STRING | SEC_ASN1_OPTIONAL,
      offsetof(SecCmsSMIMEKEAParameters, bulkKeySize) },
    { 0 }
};
539
540/*TODO: this should be in some header */
const SecAsn1Template *
nss_cms_get_kea_template(SecCmsKEATemplateSelector whichTemplate);

/*
 * Map a KEA template selector to the matching S/MIME KEA parameter template.
 *
 * whichTemplate: selector naming the wanted parameter layout.
 *
 * Returns the Skipjack or non-Skipjack template for the corresponding
 * selector. Every other value, including
 * SecCmsKEAUsesNonSkipjackWithPaddedEncKey, yields the all-parameters
 * template, so the function never returns NULL.
 */
const SecAsn1Template *
nss_cms_get_kea_template(SecCmsKEATemplateSelector whichTemplate)
{
    if (whichTemplate == SecCmsKEAUsesNonSkipjack) {
        return NSS_SMIMEKEAParamTemplateNoSkipjack;
    }
    if (whichTemplate == SecCmsKEAUsesSkipjack) {
        return NSS_SMIMEKEAParamTemplateSkipjack;
    }
    /* SecCmsKEAUsesNonSkipjackWithPaddedEncKey and any unrecognized selector */
    return NSS_SMIMEKEAParamTemplateAllParams;
}
563
564/* -----------------------------------------------------------------------------
565 *
566 */
/*
 * Template chooser for the content member of SecCmsMessageTemplate.
 *
 * src_or_dest: the SecCmsContentInfo whose content is being processed.
 * encoding, buf, len, dest: not used by this implementation.
 *
 * Returns the pointer template matching the content type tag of
 * src_or_dest, or NULL when src_or_dest is NULL.
 *
 * PKCS7 data and SEC_OID_OTHER are handled as an OCTET STRING. Any content
 * type without a case below falls back to the pointer-to-ANY template, so
 * such content is carried as an undecoded blob; callers should not assume
 * typed content for types this switch does not list.
 */
static const SecAsn1Template *
nss_cms_choose_content_template(void *src_or_dest, Boolean encoding, const char *buf, size_t len, void *dest)
{
    SecCmsContentInfoRef cinfo = (SecCmsContentInfoRef)src_or_dest;

    /* The explicit check below still guards callers if the assert is inactive. */
    PORT_Assert (src_or_dest != NULL);
    if (cinfo == NULL) {
        return NULL;
    }

    switch (SecCmsContentInfoGetContentTypeTag(cinfo)) {
    case SEC_OID_PKCS7_SIGNED_DATA:
        return NSS_PointerToCMSSignedDataTemplate;
    case SEC_OID_PKCS7_ENVELOPED_DATA:
        return NSS_PointerToCMSEnvelopedDataTemplate;
    case SEC_OID_PKCS7_DIGESTED_DATA:
        return NSS_PointerToCMSDigestedDataTemplate;
    case SEC_OID_PKCS7_ENCRYPTED_DATA:
        return NSS_PointerToCMSEncryptedDataTemplate;
    case SEC_OID_PKCS7_DATA:
    case SEC_OID_OTHER:
        return SEC_ASN1_GET(kSecAsn1PointerToOctetStringTemplate);
    default:
        /* unrecognized content type: keep the content undecoded */
        return SEC_ASN1_GET(kSecAsn1PointerToAnyTemplate);
    }
}